Tools Category

AWS Security tools: Scripts and tools for AWS Pentest

AWS Security tools: a bunch of scripts for AWS pentests.

- lambda/lambda_dumper.py – Script to dump AWS Lambda functions
- lambda/lambda_backdoor.py – Backdoor AWS users
- iam/iam_user_enum – Bruteforce IAM usernames
- iam/assume_role_enum – Enumerate and assume IAM roles for privilege escalation
- eks/k8s_secrets_dumper.py – Kubernetes secrets dumper
- eks/pod_to_node_escape – Escape from k8s pod to the underlying container …

This script tests if APs are affected by CVE-2017-13082 (KRACK attack)

This script tests if APs are affected by CVE-2017-13082 (KRACK attack). See the KRACK attack website for details and also read the research paper.

CVE-2017-13082: Key Reinstall in FT Handshake (802.11r)

Access Points (APs) might contain a vulnerable implementation of the Fast BSS Transition (FT) handshake. More precisely, a retransmitted or replayed …

Microsoft Windows LNK CVE-2017-8464 Remote Code Execution Vulnerability

Bypass Antivirus & Exploit Windows Using PowerShell

Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial-of-service conditions.

Affected Version

- Microsoft Windows 10 Version 1607 for 32-bit Systems
- Microsoft Windows …

Findsploit

ABOUT

Findsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes “copysploit” to copy any exploit-db exploit to the current directory and “compilesploit” to automatically compile and run any C exploit (i.e. ./copysploit 1337.c && ./compilesploit 1337.c). For updates …

Nmap NSE script to detect MS17-010

smb-vuln-ms17-010.nse: Nmap NSE script

Description

Attempts to detect if a Microsoft SMBv1 server is vulnerable to a remote code execution vulnerability (MS17-010). The script connects to the $IPC tree, executes a transaction on FID 0 and checks if the error “STATUS_INSUFF_SERVER_RESOURCES” is returned to determine if the target is not patched against …

NETATTACK 2

An Advanced Wireless Network Scan and Attack Script

NETATTACK 2 is a Python script that scans and attacks local and wireless networks. Everything is super easy because of the GUI that makes it unnecessary to remember commands and parameters.

FUNCTIONS

SCAN-FUNCTIONS

- Scan for Wi-Fi networks
- Scan for local …
